ROBUST: Deep learning for malware detection under changing environments

Malware is one of the most notorious security threats in cyberspace today, and artificial intelligence is playing a major role in pushing its design to the next level. Although several malware detection systems (MDS) based on machine learning have recently been designed to cope with the updated malware nature, most of these systems are still not mature enough to capture the modified malware using anti-analysis techniques. Moreover, the patterns extracted and adopted by a machine learning-based MDS are limited to the specific environment and infrastructure. Hence, they are not fully effective against anti-analysis techniques (e.g.,obfuscation techniques) and/or when tested indifferent execution environments(e.g., differentmachines). Motivated by this fact, this paper presents a new framework for detecting malware in non-stationary environments by leveraging deep learning techniques to extract useful features that are robust against changing environments. More specifically, the framework is based on a special version of an Autoencoder, called a Denoising Autoencoder, which is adopted as a building block in an adaptable deep neural network. The experimental results using a real-world dataset show that the framework improves the detection accuracy compared to existing methods.

Mots clés

malware, malware detection; deep learning; changing environment